Re: Debian Server restored after Compromise
- To: Andreas Tille <email@example.com>
- Cc: firstname.lastname@example.org
- Subject: Re: Debian Server restored after Compromise
- From: Kurt Roeckx <email@example.com>
- Date: Thu, 13 Jul 2006 23:01:44 +0200
- Message-id: <20060713210144.GA19633@roeckx.be>
- In-reply-to: <Pine.LNX.4.62.0607132246520.16445@wr-linux02>
- References: <20060713175452.GS1655@finlandia.home.infodrom.org> <20060713181827.GA4595@localhost.localdomain> <Pine.LNX.4.62.0607132246520.16445@wr-linux02>
On Thu, Jul 13, 2006 at 10:49:04PM +0200, Andreas Tille wrote:
> On Thu, 13 Jul 2006, Bas Zoetekouw wrote:
> >Or maybe only allow pubkey ssh authentication?
> I'd vote for it and I use it since the last break in exclusively.
> The only drawback is that the mail interface to db.d.o is
> somewhat broken but if more people use it the pressure to fix
> it might increase.
When I wanted to mail my ssh key, I had to first log in on master
(with my password) to be able to send the mail from there. The
script doesn't handle mime, and my ssh key is longer then 1024
chars so you can't really send it over smtp as 1 line. I think
exim allows it or something, making it work if you send it from
But I guess you're talking about setting other things you can do
thru the website, for which the password is required too.